From d87904af1a07afbd937bc46e75e4d5f2e4f36869 Mon Sep 17 00:00:00 2001 From: hickert Date: Wed, 4 Jun 2008 12:58:52 +0000 Subject: [PATCH] Updated krb-host key generation. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@11209 594d385d-05f5-0310-b6e9-bd551577e9d8 --- .../services/kerberos/class_krb_host_keys.inc | 49 ++++++++++--------- .../kerberos/class_password-methods-MIT.inc | 9 ++++ 2 files changed, 34 insertions(+), 24 deletions(-) diff --git a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc index 4ed017205..9886feb03 100644 --- a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc +++ b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_krb_host_keys.inc @@ -58,7 +58,10 @@ class krb_host_keys extends plugin $this->namingAttr = "host/".$this->object->cn; + /* Create password handle, it has already a working principal parsing + */ $this->pwd_handle = new passwordMethodMIT($this->config); + $this->pwd_handle->clear_cache(); /* Get a list of all kerberos servers, defined in ldap and get a list of principals they are providing. @@ -100,12 +103,6 @@ class krb_host_keys extends plugin $this->kerberos_support = TRUE; } } - - - $this->server_list['00:00:00:00:00:00']['REALM'] ="gonicus.de"; - $this->server_list['00:00:00:00:00:00']['MAC'] ="00:00:00:00:00:00"; - $this->server_list['00:00:00:00:00:00']['CN'] ="test"; - $this->server_list['00:00:00:00:00:00']['PRINCIPAL'] = FALSE; } @@ -114,7 +111,6 @@ class krb_host_keys extends plugin /* Skip if there is no kerberos support available */ if(!$this->kerberos_support) return(""); - $smarty = get_smarty(); $smarty->assign("server_list",$this->server_list); return($smarty->fetch (get_template_path('krb_host_keys.tpl', TRUE,dirname(__FILE__)))); 
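Review bot: In the @@ -58 hunk the new `$this->pwd_handle->clear_cache();` calls through an instance a method that the last hunk of this patch declares `public static`; written as `passwordMethodMIT::clear_cache();` it is plain that the call wipes session-wide state rather than something owned by this handle. The same applies to `$this->clear_cache();` in the @@ -109 hunk of class_password-methods-MIT.inc. The added comment could also say why the cache is dropped at this point, for example `/* Create password handle (it already parses principals) and drop the cached MIT data before the server list is built */`, if that is the intent; the hunk does not show how the list is loaded. The enclosing method starts and ends outside the hunk.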
@@ -125,39 +121,44 @@ class krb_host_keys extends plugin { foreach($_POST as $name => $value){ - if(preg_match("/^create_/",$name)){ $id = preg_replace("/^create_([a-z0-9\:]*)_.*/i","\\1",$name); $realm = $this->server_list[$id]['REALM']; - - - print_a(array($id,$realm,$this->namingAttr."@".$realm)); - $this->o_queue->krb5_add_principal($id, $this->namingAttr."@".$realm, array()); if($this->o_queue->is_error()){ msg_dialog::display(_("Service infrastructure"),msgPool::siError($this->o_queue->get_error()),ERROR_DIALOG); } - - $this->o_queue->krb5_ramdomize_key($id, $this->namingAttr); - if($this->o_queue->is_error()){ - msg_dialog::display(_("Service infrastructure"),msgPool::siError($this->o_queue->get_error()),ERROR_DIALOG); - } - + echo "Not implemented yet."; +# $this->o_queue->krb5_ramdomize_key($id, $this->namingAttr."@".$realm); +# if($this->o_queue->is_error()){ +# msg_dialog::display(_("Service infrastructure"),msgPool::siError($this->o_queue->get_error()),ERROR_DIALOG); +# } + $this->init(); break; } + + /* Recreate host key */ if(preg_match("/^recreate_/",$name)){ $id = preg_replace("/^recreate_([a-z0-9\:]*)_.*/i","\\1",$name); $realm = $this->server_list[$id]['REALM']; - print_a(array($id,$realm,$this->namingAttr."@".$realm)); - $this->o_queue->krb5_ramdomize_key($id, $this->namingAttr."@".$realm); - if($this->o_queue->is_error()){ - msg_dialog::display(_("Service infrastructure"),msgPool::siError($this->o_queue->get_error()),ERROR_DIALOG); - } + echo "Not implemented yet."; +# $this->o_queue->krb5_ramdomize_key($id, $this->namingAttr."@".$realm); +# if($this->o_queue->is_error()){ +# msg_dialog::display(_("Service infrastructure"),msgPool::siError($this->o_queue->get_error()),ERROR_DIALOG); +# } + $this->init(); break; } + + /* Remove a host principal */ if(preg_match("/^remove_/",$name)){ $id = preg_replace("/^remove_([a-z0-9\:]*)_.*/i","\\1",$name); - echo $id; + $realm = $this->server_list[$id]['REALM']; + $this->o_queue->krb5_del_principal($id, 
$this->namingAttr."@".$realm); + if($this->o_queue->is_error()){ + msg_dialog::display(_("Service infrastructure"),msgPool::siError($this->o_queue->get_error()),ERROR_DIALOG); + } + $this->init(); break; } } diff --git a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_password-methods-MIT.inc b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_password-methods-MIT.inc index a4bd03df1..4646b6c43 100644 --- a/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_password-methods-MIT.inc +++ b/gosa-plugins/mit-krb5/admin/systems/services/kerberos/class_password-methods-MIT.inc @@ -109,6 +109,7 @@ class passwordMethodMIT extends passwordMethod session::un_set("MIT_CACHE"); session::un_set("MIT_PRINCIPAL_CACHE"); session::un_set("MIT_POLICY_CACHE"); + $this->clear_cache(); $skip_si_access = FALSE; } @@ -196,6 +197,14 @@ class passwordMethodMIT extends passwordMethod } + public static function clear_cache() + { + session::un_set("MIT_CACHE"); + session::un_set("MIT_PRINCIPAL_CACHE"); + session::un_set("MIT_POLICY_CACHE"); + } + + /*! \brief Load a specific principal from the si daemon and initialize this plugin with it. @param String The macAddress of the kerberos server. -- 2.30.2
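Review bot: In all three branches of the @@ -125 hunk `$id` is cut out of a POST field name and used at once as `$this->server_list[$id]['REALM']` and as the target passed to `krb5_add_principal()` / `krb5_del_principal()`, with no check that it names a server this plugin listed. When the pattern does not match, `preg_replace` returns the field name unchanged, and `[a-z0-9\:]*` also accepts an empty id, so the queue call can go out with a client-chosen id and a principal of the form `host/<cn>@` with no realm. Adding `if(!isset($this->server_list[$id])) continue;` right after each `preg_replace` line confines the request to known servers. The enclosing method starts outside the hunk, so an ACL check before the loop cannot be ruled out, but it is worth confirming for the remove branch. As far as the hunk shows, `echo "Not implemented yet.";` also leaves a newly added principal without the key randomisation the old code requested and writes raw output from the handler; `msg_dialog::display()`, already used here, would report it consistently, and the `#`-commented calls are better removed than kept.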
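Review bot: The @@ -109 hunk adds `$this->clear_cache();` directly below the three `session::un_set(...)` calls that the new helper repeats, so the same three session keys are removed twice. Dropping the three inline calls and keeping only the helper call leaves a single place that defines which keys make up the MIT cache. The surrounding method starts and ends outside the hunk.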
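Review bot: The new `clear_cache()` in the @@ -196 hunk has no doc comment, while the method right below it carries a `/*! \brief ... */` block. A matching header such as `/*! \brief Removes the MIT_CACHE, MIT_PRINCIPAL_CACHE and MIT_POLICY_CACHE entries from the session. */` would tell callers that the effect is session-wide and not tied to one passwordMethodMIT instance.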